You're reading from Cybersecurity Attacks ‚Äì Red Team Strategies A practical guide to building a penetration testing program having homefield advantage

Product type Paperback

Published in Mar 2020

Publisher Packt

ISBN-13 9781838828868

Length 524 pages

Edition 1st Edition

Tools

Neo4j

Concepts

Cybersecurity

Author (1):

Johann Rehberger

View More author details

Table of Contents (17) Chapters

Preface

1. Section 1: Embracing the Red

2. Chapter 1: Establishing an Offensive Security Program FREE CHAPTER

3. Chapter 2: Managing an Offensive Security Team

4. Chapter 3: Measuring an Offensive Security Program

5. Chapter 4: Progressive Red Teaming Operations

6. Section 2: Tactics and Techniques

7. Chapter 5: Situational Awareness – Mapping Out the Homefield Using Graph Databases

8. Chapter 6: Building a Comprehensive Knowledge Graph

9. Chapter 7: Hunting for Credentials

10. Chapter 8: Advanced Credential Hunting

11. Chapter 9: Powerful Automation

12. Chapter 10: Protecting the Pen Tester

13. Chapter 11: Traps, Deceptions, and Honeypots

14. Chapter 12: Blue Team Tactics for the Red Team

15. Assessments

16. Another Book You May Enjoy

Leave a review - let other readers know what you think

Exploring varieties of cyber operational engagements

Red teaming in the cybersecurity space frequently focuses on infrastructure attacks, performing lateral movement through Windows environments.

Operations focus on this because Windows is still the most dominant infrastructure in most organizations. The risks and the problem space are pretty well understood. There is also very mature, good tooling available (such as PowerShell Empire, PingCastle, and Bloodhound, to name just a few highlights) and it is fun to perform for penetration testers and quite impactful.

The outstanding research and knowledge sharing that's done by the security community, pen testers, and red teamers has led to a better understanding of threats and attacks and has led to stronger defenses and improvements in detection, tooling, and processes.

It started long back by adding mitigations such as stack cookies, and decades later the security community and researchers kept pushing the envelope....